package com.gutai.admin.biz.auth;

import java.util.Arrays;
import java.util.List;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import com.gutai.admin.common.entity.response.MiniProResponse;
import com.gutai.admin.entity.User;

/**
 * 
 * 
 * 
 * <pre>
 * HISTORY
 * ****************************************************************************
 *  ID    DATE            PERSON            REASON
 *  1     2019年1月28日         la.01367604           Create
 * ****************************************************************************
 * </pre>
 * 
 * @author la.01367604
 * @version 1.0
 */
@Aspect
public class UserAuthAop {
    
    /** 可以公开访问的Controller 格式为controller */
    private final List<String> publicMiniProController = Arrays.asList("index", "catalog", "topic",
        "auth", "goods", "brand", "search", "region");
    /** 可以公开访问的方法 格式为： controller+action */
    private final List<String> publicMiniProAction = Arrays.asList("comment/list", "comment/count",
        "cart/index", "cart/add", "cart/checked", "cart/update", "cart/delete", "cart/goodscount",
        "pay/notify");
    
    @Pointcut("@annotation(com.gutai.admin.common.anno.MiniProAnnotation)") // (2)定义切点到有注解的方法
    public void enterPointCut() {}

    @Around("enterPointCut()")
    public Object doAuth(ProceedingJoinPoint joinPoint) throws Throwable {
        RequestAttributes ra = RequestContextHolder.getRequestAttributes();
        ServletRequestAttributes sra = (ServletRequestAttributes) ra;
        HttpServletRequest httpServletRequest = sra.getRequest();
        
        String reqAction = httpServletRequest.getRequestURI().substring(1); // 去掉前面的/
        String reqController = reqAction.split("/")[0];
        System.out.println("reqAction: " + reqAction + " reqController: " + reqController);
        if (!publicMiniProController.contains(reqController) && !publicMiniProAction.contains(reqAction)){
            // 如果为非公开，则验证用户是否登录
            String token = httpServletRequest.getHeader("x-nideshop-token");
            httpServletRequest.setAttribute("state.token", token);
            Integer userId = getUserId(token);
            httpServletRequest.setAttribute("state.userId", userId);
            if (userId == null) {
                return MiniProResponse.fail(401, "请先登录");
            }
        }
        return joinPoint.proceed();
    }
    
    /**
     * 根据token获取用户ID
     * 
     * @param token
     * @return
     * @author la.01367604-2019年1月28日
     */
    private Integer getUserId(String token) {
        if (StringUtils.isNotEmpty(token)){
            User userInfo = JwtTokenHelper.verify(token);
            return userInfo.getId();
        }
        return null;
    }
}
